5.5

CVE-2024-36954

tipc: fix a possible memleak in tipc_buf_append

In the Linux kernel, the following vulnerability has been resolved:

tipc: fix a possible memleak in tipc_buf_append

__skb_linearize() doesn't free the skb when it fails, so move
'*buf = NULL' after __skb_linearize(), so that the skb can be
freed on the err path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.4.271 < 4.5
LinuxLinux Kernel Version >= 4.9.271 < 4.10
LinuxLinux Kernel Version >= 4.14.235 < 4.15
LinuxLinux Kernel Version >= 4.19.193 < 4.19.314
LinuxLinux Kernel Version >= 5.4.124 < 5.4.276
LinuxLinux Kernel Version >= 5.10.42 < 5.10.217
LinuxLinux Kernel Version >= 5.12.9 < 5.15.159
LinuxLinux Kernel Version >= 5.16 < 6.1.91
LinuxLinux Kernel Version >= 6.2 < 6.6.31
LinuxLinux Kernel Version >= 6.7 < 6.8.10
LinuxLinux Kernel Version6.9 Updaterc1
LinuxLinux Kernel Version6.9 Updaterc2
LinuxLinux Kernel Version6.9 Updaterc3
LinuxLinux Kernel Version6.9 Updaterc4
LinuxLinux Kernel Version6.9 Updaterc5
LinuxLinux Kernel Version6.9 Updaterc6
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.16
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
Mailing List
https://git.kernel.org/stable/c/01cd1b7b685751ee422d00d050292a3d277652d6
Patch
https://git.kernel.org/stable/c/2f87fd9476cf9725d774e6dcb7d17859c6a6d1ae
Patch
https://git.kernel.org/stable/c/3210d34fda4caff212cb53729e6bd46de604d565
Patch
https://git.kernel.org/stable/c/42c8471b0566c7539e7dd584b4d0ebd3cec8cb2c
Patch
https://git.kernel.org/stable/c/614c5a5ae45a921595952117b2e2bd4d4bf9b574
Patch
https://git.kernel.org/stable/c/97bf6f81b29a8efaf5d0983251a7450e5794370d
Patch
https://git.kernel.org/stable/c/adbce6d20da6254c86425a8d4359b221b5ccbccd
Patch
https://git.kernel.org/stable/c/d03a82f4f8144befdc10518e732e2a60b34c870e
Patch